602b224ada29c947a466ec379cd29ebaabd32a7333a018077aea16b0b9a0e6cd | Triage

Sharing

General

Target

ac6ba8c136b9e1cdca9fb6e0649dc530N.exe
Size

135KB
Sample

240825-pxxresvcjh
MD5

ac6ba8c136b9e1cdca9fb6e0649dc530
SHA1

5e0df15c43213366c98c01174ce8448ea9ef251f
SHA256

602b224ada29c947a466ec379cd29ebaabd32a7333a018077aea16b0b9a0e6cd
SHA512

227ca836d843e2c1ed34b38e29f4a7743115d94faf3d27e6f78cebf9ad6804ddfcc34f491d301a3a45334b301a8cabc7540aa8b1640ed27269dd3d0399f8aef0
SSDEEP

3072:My7aYsNEhCC04DcTBK8Qr5+ViKGe7Yfs0a0Uoi:rCnTBK9cViK4fs0l

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  ac6ba8c136b9e1cdca9fb6e0649dc530N.exe
- Size
  
  135KB
- MD5
  
  ac6ba8c136b9e1cdca9fb6e0649dc530
- SHA1
  
  5e0df15c43213366c98c01174ce8448ea9ef251f
- SHA256
  
  602b224ada29c947a466ec379cd29ebaabd32a7333a018077aea16b0b9a0e6cd
- SHA512
  
  227ca836d843e2c1ed34b38e29f4a7743115d94faf3d27e6f78cebf9ad6804ddfcc34f491d301a3a45334b301a8cabc7540aa8b1640ed27269dd3d0399f8aef0
- SSDEEP
  
  3072:My7aYsNEhCC04DcTBK8Qr5+ViKGe7Yfs0a0Uoi:rCnTBK9cViK4fs0l
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence